summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBill Marquette <billm@pfsense.org>2005-09-04 04:53:54 +0000
committerBill Marquette <billm@pfsense.org>2005-09-04 04:53:54 +0000
commit93a48ed86af5e5717b2020188736bea2bec34e36 (patch)
treece9b08726417bbbd1e22b8fb0cbf7447062ac5ab
parent7b0c0628c888e44ea642db6e101c0e506f9d630c (diff)
downloadpfsense-93a48ed86af5e5717b2020188736bea2bec34e36.zip
pfsense-93a48ed86af5e5717b2020188736bea2bec34e36.tar.gz
(#355) Validate input
-rwxr-xr-xusr/local/www/firewall_aliases_edit.php20
1 files changed, 14 insertions, 6 deletions
diff --git a/usr/local/www/firewall_aliases_edit.php b/usr/local/www/firewall_aliases_edit.php
index 5213095..e980fd3 100755
--- a/usr/local/www/firewall_aliases_edit.php
+++ b/usr/local/www/firewall_aliases_edit.php
@@ -74,13 +74,21 @@ if ($_POST) {
if (($_POST['name'] && !is_validaliasname($_POST['name']))) {
$input_errors[] = "The alias name may only consist of the characters a-z, A-Z, 0-9.";
}
- if (($_POST['address'] && !is_ipaddr($_POST['address']))) {
-// XXX: fixup this to detect correct type of data that should be posted.
-// $input_errors[] = "A valid address must be specified.";
- }
- if (($_POST['address_subnet'] && !is_numeric($_POST['address_subnet']))) {
- $input_errors[] = "A valid subnet bit count must be specified.";
+ if ($_POST['type'] == "host")
+ if (!is_ipaddr($_POST['address'])) {
+ $input_errors[] = "A valid address must be specified.";
+ }
+ if ($_POST['type'] == "network") {
+ if (!is_ipaddr($_POST['address'])) {
+ $input_errors[] = "A valid address must be specified.";
+ }
+ if (!is_numeric($_POST['address_subnet'])) {
+ $input_errors[] = "A valid subnet bit count must be specified.";
+ }
}
+ if ($_POST['type'] == "port")
+ if (!is_port($_POST['address']))
+ $input_errors[] = "The port must be an integer between 1 and 65535.";
/* check for name conflicts */
foreach ($a_aliases as $alias) {
OpenPOWER on IntegriCloud